Hackers Steal Bitcoins With Only A Name And A Phone Number! - Keep Yours Safe

in #bitcoin7 years ago

ransomware-bitcoin-hackers.jpg

Hi Steemians, welcome to yet another post regarding blockchain. I feel that blockchain is the most important invention of 20th century.

PREVIOUS POST

line_break.png


Why Blockchain Is The Greatest Invention Of 20th Century!

line_break.png

Positive Technologies researchers recently were able to hack into the google account of a person with only his name and phone number. They were able to use it to get the details about the persons bank account and bitcoin assets.

Researchers were able to do this by exploiting a flaw in the global telecom network, that affects the signaling system No. 7 (SS7). Researchers demonestrated in a video how they were able to hack into coinbase account. They were able to do anything and everything with its funds. As we all know that Coinbase is a big exchange, a lot of bitcoins seem to be at risk of being hacked.

So what actually is SS7 weakness and what does it do?

SS7 weakness means that anyone with access to telecom backbone can send and receive messages from specific phones. The attacks can allow text, calls and location data to be intercepted.

First Gmail was used to find an email account with only a phone number by researchers of Positive Technologies. Then a password reset request was generated which triggered a one time password to be sent to victims phone number. Now with SS7 the sms was intercepted to get the code. At this point in time they were in total control of the account. The same procedure was repeated for the users coinbase account. This is shown in the video below:

“This hack would work for any resource – real currency or virtual currency – that uses SMS for password recovery.”
Positive researcher Dmitry Kurbatov

One of the biggest hurdle for hackers to do such attacks access to SS7 network itself. Researches have access to it for research purposes and to secure the networks. But hackers can hack their way in, or have to buy access - from dark web obiviously.

How to Keep Your Bitcoins Safe from SS7 Attacks?

However, scary this type of attack seems, there are solutions that can be used to secure your bitcoins which are stored in a Google account-linked wallet. One can stop using the SMS for 2FA. Start using Apps like Google Authenticator, Authy for 2FA. They are much more secure than SMS 2FA. SS7 attacks doesnt work with these apps. Other Solutions may be Google Prompt or a security key in place of SMS.

Always use highest of the security for your bitcoins if you want them safe, because vultures are always in the skies looking for a prey.

PREVIOUS POST

line_break.png


Why Blockchain Is The Greatest Invention Of 20th Century!

line_break.png

follow1.gif

DQmRhDtjokAZnGKi4QwheqksKTFo6m4fsjMYsNNrsitC1xk.gif

Images: P1

Videos: V1

#news #hacking #cryptocurrency #danishmmir
7 years ago in #bitcoin by
$0.22
  • Past Payouts $0.22, 0.00 TRX
  • - Author $0.20, 0.00 TRX
  • - Curators $0.01, 0.00 TRX
7 votes
Reply 4
Sort:  
  • Trending
    • [-]
     7 years ago 

    Email accounts based ONLY on the phone number have ALWAYS been a security vulnerability, this SS7 hack makes them a completely open book.

    [-]
     7 years ago 

    Yes. Plus the reach of gmail makes it a much larger threat in combination with android.

    $0.00
      Reply
      [-]
       7 years ago 

      Great article! I've already taken measures to make my password safer. Thanks!

      $0.00
        Reply

        Coin Marketplace

        STEEM 0.19
        TRX 0.15
        JST 0.029
        BTC 63030.98
        ETH 2594.62
        USDT 1.00
        SBD 2.74